forked from vercel/next.js
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pre-push
executable file
·52 lines (40 loc) · 1.39 KB
/
pre-push
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/usr/bin/env bash
protected_branch='canary'
protected_remote_urls=(
'[email protected]:vercel/next.js.git'
'https://github.com/vercel/next.js.git' # github blocks password-based auth, but still usable via API token
)
# The pre-push hook [...] receives the name and location of the remote as parameters
# https://git-scm.com/book/en/v2/Customizing-Git-Git-Hooks
remote_name="$1"
remote_url="$2"
# if we're pushing to a fork, we don't need to protect canary.
# check if the remote is one of the protected ones.
is_remote_protected=0
for protected_remote_url in "${protected_remote_urls[@]}"; do
if [ "$remote_url" = "$protected_remote_url" ]; then
is_remote_protected=1
break
fi
done
if [ "$is_remote_protected" = 0 ]; then
exit 0
fi
# check if the push is targeting canary on the remote
# https://stackoverflow.com/a/44156933
push_targets_protected_branch=0
protected_ref="refs/heads/$protected_branch"
while read -r _local_ref _local_sha remote_ref _remote_sha; do
if [ "$remote_ref" = "$protected_ref" ]; then
push_targets_protected_branch=1
break
fi
done
if [ "$push_targets_protected_branch" = "1" ]; then
echo "You probably didn't intend to push directly to '$protected_branch' on '$remote_name' ($remote_url)." >&2
echo "If you're sure that that's what you want to do, bypass this check via" >&2
echo "" >&2
echo " git push --no-verify" >&2
echo "" >&2
exit 1
fi